Sharing a SecurityCenter Dashboard
You create a new, excellent dashboard in SecurityCenter. Others see the value of your innovations and also want that information for their security efforts. How can you share your dashboard with them?
Dashboard sharing can occur in several ways. On a grander scale, the strategic implementation of dashboards can reflect leadership's’ focus and leverage technical expertise to the benefit of all users. In this blog, I present how you can effectively share dashboards to bring more productivity to your security program.
Effective sharing mechanisms
Dashboards can be made available in a variety of ways:
- Group definition. Probably one of the quickest sharing occurs when the Security Manager specifies a list of dashboards in the the group definition on the Share to Group tab under Available Objects. This approach provides standardization so people see the same tools and values.
- Within the group. When one group member creates a dashboard, automatically the other group members have access. This built-in collaboration saves a lot of time and reduces errors.
- Explicitly to other groups. Sharing can happen horizontally between groups. The dashboard owner or authorized users can share dashboards to other groups. This magnifies the efficiencies and standardization brought by sharing.
One example of this can occur when a SecurityManager adds a new dashboard and then shares it with all the other groups.
- Export/import between users. Sharing can occur directly between users whether they are in different groups, organizations, or even SecurityCenter servers. The mechanism involves the export/import of an HTML file. The complication for this mechanism involves sharing the asset lists and queries embedded in the dashboard.
Though a user cannot share a dashboard shared from someone else, the user can make a copy. The user becomes the owner so can drill down, customize, share, and export.
Four questions can start the design of your strategic implementation of shared dashboards. Answers can come from the CISO’s vision as well as insights from analysts and other stakeholders.
- What metrics are we tracking across the company with our security efforts?
- What security information do individual teams track?
- What existing SecurityCenter templates provide depiction of #1 and #2?
- What other dashboards do we need to develop?
Answers to these question come from the top and bottom-up. The CISO can provide the focus and priorities of the overall security efforts. She or he can specify “Here is what everyone needs to track.” Individual departments can identify their targets. Then technical leads can quickly formulate the pieces for the implementation. Collaboration magnifies the efficiency. Instead of individual users building all their dashboards to varying success, useful dashboards can come from Tenable templates and local technical leads. Once the dashboards have been customized and tested, Security Managers can roll it out in the group definitions and other sharing mechanisms.
Here are some related resources regarding dashboards and sharing:
- User Guide: dashboard, sharing, role & user definition
- View a shared dashboard https://docs.tenable.com/sccv/5_4/Content/View_Shared_Dashboard.htm?Highlight=sharing
- Exporting a dashboard (under Options) https://docs.tenable.com/sccv/5_4/Content/Dashboard.htm
- Creating group, role, user - https://docs.tenable.com/sccv/5_4/Content/Users.htm
- Sharing Dashboards How-to Guide - dated but helpful https://community.tenable.com/docs/DOC-1183
SecurityCenter dashboard sharing can be driven by a CISO’s vision, include contributions from various teams and users, and then benefit all users by the means described above. Such strategic collaboration increases the security program effectiveness.